# Use SSH to Collect ArubaOS Network Appliance Information {% hint style="warning" %} This feature is in Early Release/BETA. Please contact your Epiphany Systems support or sales contact to learn more. {% endhint %} {% hint style="warning" %} This document is under construction. Please excuse our dust. {% endhint %} ## SSH Collection Epiphany has the capability to extract network appliance information via Secure Shell (SSH). The SSH collectors will establish a SSHv2 session with the appliances and run the needed ‘display’ commands for data collection. There is also a process for [manual collection](https://docs.reveald.com/technical-documentation/data-sources-early-access/arubaos/arubaos-manual-collection) of the network configurations following this section. If a user is ready and SSHv2 is enabled, please proceed to the [*JSON Storage of Network Credentials*](#json-storage-of-network-credentials) section. ## Create a New ArubaOS User #### Step 1: * Log into the ArubaOS switch command-line interface (CLI) using your assigned credentials. * Enter the CLI commands shown below to create a user with the required privileges. Items labeled with a set of “<>” around them have additional explanations below the command block in the "!" tip. #### Command Breakdown with Variable Configurations ``` config password operator user-name plaintext aaa authorization commands aaa authorization group 1 match-command “command:” permit log exit write memory ``` {% hint style="info" %} **username:** The recommended username is **epiphany**. **password:** Ensure the password meets your organization’s password policy. **group:** The recommended group name is **epiphany-group**. {% endhint %} #### Example Commands Using the Suggested \,\, and \ ``` Config Password operator user-name epiphany plaintext supersecretpassword aaa authorization commands local aaa authorization group epiphany_group 1 match-command “command:show running-configuration” permit log aaa authorization group epiphany_group 2 match-command “command:show ip route” permit log aaa authorization group epiphany_group 3 match-command “command:show arp” permit log aaa authorization group epiphany_group 4 match-command “command:show vlans” permit log aaa authorization group epiphany_group 5 match-command “command:show cdp neighbors” permit log aaa authorization group epiphany_group 6 match-command “command:show lldp remote-device” permit log aaa authorization group epiphany_group 7 match-command “command:show version” permit log exit Write memory ``` {% hint style="info" %} You can also create users in an AAA Server. These privileges are made to provide Epiphany with the least-privileged rights to perform its tasks. {% endhint %} ## **Enable SSHv2** #### Step 2: * Enter the CLI commands shown below to enable SSHv2 on the ArubaOS switch appliance. Items labeled with an “\*” have additional explanations below the command block in the "!" tip. ``` Config Crypto key generate ssh Ip ssh *no telnet-server ``` {% hint style="danger" %} If telnet is needed for this appliance do not run this command. {% endhint %} ## **JSON Storage of Network Credentials** #### Step 3: The username, password, and IP address need to be stored in a JSON file in the format shown below. Ensure this data is stored in a secure location prior to uploading it Epiphany. #### JSON File Example ```json {"ip":"192.168.0.1", "user":"username", "passw":"password123"}, {"ip":"192.168.0.2", "user":"username", "passw":"password123"} ```